How to configure windbg on windows and lldb on Linux? In this post, I will share how to configure windbg on windows and lldb on Linux. This is an article from a group of friends who published to webchat in Chinese, so I quoted it.
One: background
1. Tell a story
A few days ago, a brother in the public account read a few articles and was ready to try it with windbg. As a result, it took several days for this match. (づ╥﹏╥)づ, I think there are also many friends who are eager to try. When configuring, you will definitely encounter this and that kind of problem, so I think it is necessary to sort it out so that everyone can avoid detours.
2: Configure windbg on windows
1. Where to download
Now it is more and more troublesome to install windbg and to install the Windows 10 SDK. Many people are planted here. In fact, you can directly find the one-click packaged version of windbg 6.0 on the Internet. It is only more than 30 MB. It is very easy to adjust production and local. Convenient, you can also practice SOS commands by the way.
Download WinDbg: https://www.upload-4ever.com/ce6an1yp93qp
2. Version issues
Unzip and open there will be an x64 and x86 folder. Obviously, 32-bit programs are debugged with x86 windbg, and 64-bit programs are debugged with x64 windbg, as shown below:
3. Other issues
I prefer to use 64-bit programs, so I use 64-bit windbg here.
<1> Configure Microsoft public symbols
The symbol is actually the PDB file. We will see this when we compile the project in debug mode. Its function will mark the dll to see local variables, global variables, line numbers, and other information through PDB during debugging. , The PDB file in the FCL library is placed on Microsoft’s public server
SRV*C:\mysymbols*http://msdl.microsoft.com/download/symbols.
<2> Understand sos.dll and clr.dll
Many times everyone is debugging after the fact, so you need to grab a dump file on production. In order to reverse the dump file to the runtime state on clr, you must find the clr version of the running program at the time, and also find the corresponding clr version sos.dll, they are usually together, sos is the channel through which you interact with clr, and many people are stuck on finding the correct version of sos and clr. . . If it is not clear, I can draw a picture.
With this pre-foundation, then you can configure and practice on windows and centos. . . 😄😄😄
3. Netcore 3.1 configuration on windows
To demonstrate, I will start with a simple piece of code:
static void Main(string[] args)
{
var info = "hello ZNLIVE.COM!";
Console.WriteLine(info);
Console.ReadLine();
}
1. Find clr.dll
In netcore, the name of clr becomes coreclr.dll, the path: C:\Program Files\dotnet\shared\Microsoft.NETCore.App\3.1.3
2. Find sos.dll
Starting from netcore3.0, sos has not been placed under the version number file, see the SOS_README.md content for details .
SOS and other diagnostic tools now ship of band and work with any version of the .NET Core runtime. SOS has moved to the diagnostics repo here: https://github.com/dotnet/diagnostics.git. Instructions to install SOS: https://github.com/dotnet/diagnostics#installing-sos.
Reading the above document, it probably means that the old version of windbg needs to generate a sos.dll through the small tool dotnet-sos, then follow the document
PS C:WINDOWSsystem32> dotnet tool install -g dotnet-sos You can invoke the tool using the following command: dotnet-sos Tool 'dotnet-sos' (version '3.1.122203') was successfully installed. PS C:WINDOWSsystem32> dotnet-sos install Installing SOS to C:Usershxc.dotnetsos from C:Usershxc.dotnettools.storedotnet-sos3.1.122203dotnet-sos3.1.122203toolsnetcoreapp2.1anywin-x64 Installing over existing installation... Creating installation directory... Copying files... Execute '.load C:Usershxc.dotnetsossos.dll' to load SOS in your Windows debugger. Cleaning up... SOS install succeeded PS C:WINDOWSsystem32>
Look carefully at the output, sos.dll has been generated, then generate a dump file in the task manager, and then use the .load command to load coreclr and sos into it.
.load C:Usershxc.dotnetsossos.dll .load C:Program FilesdotnetsharedMicrosoft.NETCore.App3.1.3coreclr.dll
Finally, let’s take a look info at the distribution of variables on the heap.
0:000> ~0s
ntdll!ZwReadFile+0x14:
00007ff8`3228aa64 c3 ret
0:000> !clrstack -l
OS Thread Id: 0x41d4 (0)
000000246097EA40 00007FFF89C50F97 Error: Fail to initialize CoreCLR 80131022
ConsoleApp5.Program.Main(System.String[])
LOCALS:
0x000000246097EA68 = 0x0000021d8141aba8
0:000> !do 0x0000021d8141aba8
Name: System.String
MethodTable: 00007fff89cd1e18
EEClass: 00007fff89cc2128
Size: 46(0x2e) bytes
File: C:Program FilesdotnetsharedMicrosoft.NETCore.App3.1.3System.Private.CoreLib.dll
String: hello world!
Fields:
MT Field Offset Type VT Attr Value Name
00007fff89c1b1e8 4000242 8 System.Int32 1 instance 12 _stringLength
00007fff89c18000 4000243 c System.Char 1 instance 68 _firstChar
00007fff89cd1e18 4000244 110 System.String 0 static 0000021d81411360 Empty
Well, netcore debugging on windows is as simple as that, and I hope these configurations can save you time.
4. Netframework configuration on windows
The framework program is much more convenient than netcore configuration, and there is no need to generate sos by yourself, as shown in the following code:
64-bit program load path .load C:WindowsMicrosoft.NETFramework64v4.0.30319sos.dll .load C:WindowsMicrosoft.NETFramework64v4.0.30319clr.dll 32-bit program loading path .load C:WindowsMicrosoft.NETFrameworkv4.0.30319sos.dll .load C:WindowsMicrosoft.NETFrameworkv4.0.30319clr.dll
How to configure windbg on windows and lldb on Linux?
5. Netcore 3.1 configuration on centos
First of all, we must understand that windbg is invalid for the Linux kernel, so how to debug it? There are two ways.
1. Use the dotnet-dump gadget built in netcore
The point of this tool 🐮👃 is that neither sos nor clr need you to configure. Use it directly to generate dump, and then debug directly, which is extremely convenient. Let’s take a look at how to install it and open two terminals. The code is as follows:
terminal 1: [root@10-25-198-96 data]# dotnet build [root@10-25-198-96 netcoreapp3.1]# dotnet data.dll hello world terminal 2: [root@10-25-198-96 cs2]# ps -ef | grep dotnet root 31555 31247 0 22:28 pts/0 00:00:00 dotnet cs2.dll root 32112 31995 0 22:29 pts/2 00:00:00 grep --color=auto dotnet [root@10-25-198-96 cs2]# dotnet tool install -g dotnet-dump You can invoke the tool using the following command: dotnet-dump Tool 'dotnet-dump' (version '3.1.122203') was successfully installed. [root@10-25-198-96 cs2]# export PATH=$PATH:$HOME/.dotnet/tools [root@10-25-198-96 cs2]# dotnet-dump collect --process-id 31555 Writing full to /cs2/core_20200508_223204 Complete
How to configure windbg on windows and lldb on Linux?
You can see that the dump file is ready /cs2/core_20200508_223204 , and then use dotnet-dump to debug the dump file.
[root@10-25-198-96 cs2]# dotnet-dump analyze /cs2/core_20200508_223204
Loading core dump: /cs2/core_20200508_223204 ...
Ready to process analysis commands. Type 'help' to list available commands or 'help [command]' to get detailed help on a command.
Type 'quit' or 'exit' to exit the session.
> clrstack -l
OS Thread Id: 0x7b43 (0)
Child SP IP Call Site
00007FFDFCABF2D0 00007fb0397af7fd [InlinedCallFrame: 00007ffdfcabf2d0] Interop+Sys.ReadStdin(Byte*, Int32)
00007FFDFCABF2D0 00007fafbebbb4db [InlinedCallFrame: 00007ffdfcabf2d0] Interop+Sys.ReadStdin(Byte*, Int32)
00007FFDFCABF2C0 00007FAFBEBBB4DB ILStubClass.IL_STUB_PInvoke(Byte*, Int32)
00007FFDFCABF9D0 00007FAFBECF844D System.Console.ReadLine()
00007FFDFCABF9E0 00007FAFBEBB037D cs2.Program.Main(System.String[]) [/cs2/Program.cs @ 13]
LOCALS:
0x00007FFDFCABF9F0 = 0x00007faf980081d8
00007FFDFCABFD08 00007fb037fc0f7f [GCFrame: 00007ffdfcabfd08]
00007FFDFCAC01F0 00007fb037fc0f7f [GCFrame: 00007ffdfcac01f0]
> dumpobj 0x00007faf980081d8
Name: System.String
MethodTable: 00007fafbec30f90
EEClass: 00007fafbeb9e1b0
Size: 44(0x2c) bytes
File: /usr/share/dotnet/shared/Microsoft.NETCore.App/3.1.3/System.Private.CoreLib.dll
String: hello znlive.com
Fields:
MT Field Offset Type VT Attr Value Name
00007fafbec2a0e8 400022a 8 System.Int32 1 instance 11 _stringLength
00007fafbec26f00 400022b c System.Char 1 instance 68 _firstChar
00007fafbec30f90 400022c 108 System.String 0 static 00007faf97fff360 Empty
>
How to configure windbg on windows and lldb on Linux?
It’s that simple, but although this tool is good, it can’t debug the unmanaged heap, and there are not too many commands. Of course, it is enough for us to use in normal times.
2. Use Linux’s exclusive lldb debugger
If you want to achieve windbg-level debugging, you can use the lldb debugger, which is very powerful. I will also introduce it here.
<1> Install lldb
lldb is written in C++, you can also https://github.com/dotnet/diagnostics/blob/master/documentation/building/linux-instructions.md look for an installation method.
sudo yum install centos-release-SCL epel-release sudo yum install cmake cmake3 gcc gcc-c++ gdb git libicu libunwind make python27 tar wget which zip cd $HOME git clone https://github.com/dotnet/diagnostics.git $HOME/diagnostics/documentation/lldb/centos7/build-install-lldb.sh
How to configure windbg on windows and lldb on Linux?
It was installed after a twitch, and you can see from the following that the current version is 3.9.1.
[root@10-25-198-96 cs2]# lldb -v lldb version 3.9.1 ( revision )
<2> Look for sos.dll
Like windbg, you need to generate a sos.dll. . . It is also generated using dotnet-sos.
[root@10-25-198-96 cs2]# dotnet tool install -g dotnet-sos You can invoke the tool using the following command: dotnet-sos Tool 'dotnet-sos' (version '3.1.122203') was successfully installed. [root@10-25-198-96 cs2]# dotnet-sos install Installing SOS to /root/.dotnet/sos from /root/.dotnet/tools/.store/dotnet-sos/3.1.122203/dotnet-sos/3.1.122203/tools/netcoreapp2.1/any/linux-x64 Installing over existing installation... Creating installation directory... Copying files... Updating existing /root/.lldbinit file - LLDB will load SOS automatically at startup Cleaning up... SOS install succeeded
How to configure windbg on windows and lldb on Linux?
From the above information, sos is installed in the /root/.dotnet/sos directory, and you can also see that sos.dll will be automatically loaded when lldb is started. . .
<3> Use createdump to generate dump files
There is a createdump program under each dotnet version, which can be used to generate dump files. For specific configuration documents, please refer to:
https://github.com/dotnet/diagnostics/blob/master/documentation/debugging-coredump.md
[root@10-25-198-96 cs2]# ps -ef | grep dotnet
root 31555 31247 0 22:28 pts/0 00:00:00 dotnet cs2.dll
root 32112 31995 0 22:29 pts/2 00:00:00 grep --color=auto dotnet
[root@10-25-198-96 cs2]# find / -name createdump
/usr/share/dotnet/shared/Microsoft.NETCore.App/3.1.3/createdump
[root@10-25-198-96 3.1.3]# ./createdump 31555 -f /lldb/test.dump
Writing minidump with heap to file /lldb/test.dump
Written 84692992 bytes (20677 pages) to core file
[root@10-25-198-96 3.1.3]# lldb --core /lldb/test.dump
(lldb) target create --core "/lldb/test.dump"
Core file '/lldb/test.dump' (x86_64) was loaded.
(lldb) clrstack -l
OS Thread Id: 0x7b43 (1)
00007FFDFCABF9E0 00007FAFBEBB037D cs2.Program.Main(System.String[]) [/cs2/Program.cs @ 13]
LOCALS:
0x00007FFDFCABF9F0 = 0x00007faf980081d8
00007FFDFCABFD08 00007fb037fc0f7f [GCFrame: 00007ffdfcabfd08]
00007FFDFCAC01F0 00007fb037fc0f7f [GCFrame: 00007ffdfcac01f0]
(lldb) dumpobj 0x00007faf980081d8
Name: System.String
MethodTable: 00007fafbec30f90
EEClass: 00007fafbeb9e1b0
Size: 44(0x2c) bytes
File: /usr/share/dotnet/shared/Microsoft.NETCore.App/3.1.3/System.Private.CoreLib.dll
String: hello znlive.com
Fields:
MT Field Offset Type VT Attr Value Name
00007fafbec2a0e8 400022a 8 System.Int32 1 instance 11 _stringLength
00007fafbec26f00 400022b c System.Char 1 instance 68 _firstChar
00007fafbec30f90 400022c 108 System.String 0 static 00007faf97fff360 Empty
(lldb)
How to configure windbg on windows and lldb on Linux?
As you can see, you can also directly enter clr through lldb. . .
6: Conclusion
I think this article will definitely save a lot of time for many friends.